This is a public list of programs you should avoid using due to flaws in code that have been reported or programs that have outstanding security. These companies code do not meet our standards of a secure plugin or do meet or exceed our standards.
quick overview of edit flow, shows better security than expected with an area that could use improvement, but over all the project thus far gets an A by us. We consider it safe enough to use.
We do not know why parsedown on github appears to be allowing rawhtml comments in an area dedicated to block comments. Also most of the parsedown does not apply security automatically. Is this by design? We wouldn’t use this project, but won’t say it isn’t safe enough to use.